diff options
| -rw-r--r-- | system/helpers/form_helper.php | 11 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 1 insertions, 11 deletions
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bdc87b86f..987ff18e2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -610,22 +610,11 @@ if ( ! function_exists('form_prep')) return ''; } - $temp = '__TEMP_AMPERSANDS__'; - - // Replace entities to temporary markers so that - // htmlspecialchars won't mess them up - $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); - $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); - $str = htmlspecialchars($str); // In case htmlspecialchars misses these. $str = str_replace(array("'", '"'), array("'", """), $str); - // Decode the temp markers back to entities - $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); - $str = preg_replace("/$temp(\w+);/","&\\1;",$str); - return $str; } } diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 2cd5c68ea..b3ac1671a 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -100,6 +100,7 @@ SVN Revision: </p> <li>Fixed a bug that would cause PHP errors in XML-RPC data if the PHP data type did not match the specified XML-RPC type.</li> <li>Fixed a bug in the XML-RPC class with parsing dateTime.iso8601 data types.</li> <li>Fixed a case sensitive string replacement in xss_clean()</li> + <li>Fixed a bug in form_prep() causing it to not preserve entities in the user's original input when called back into a form element</li> </ul> <h2>Version 1.7.1</h2> |